The putative class action alleged that the data breach compromised 56 million credit and debit card numbers of Home Depot customers.
According to court documents, if approved, the settlement would require Home Depot to pay $25 million into a non-revisionary fund to be distributed to financial institutions that have not already released their claims against the retailer for losses stemming from the catastrophic data breach.
For financial institutions with a valid claim, a fixed payment estimated to be $2 per compromised card could be forthcoming, without the institutions having to submit documentation of their losses and regardless of whether any compensation already has been received from another source, according to the agreement.
Class members that submit proof of losses also are eligible for a supplemental award of up to 60 percent of their documented, uncompensated losses from the data breach, documents state.
The retailer also has agreed to pay up to $2.225 million to institutions whose claims were released by a sponsor, such as a card processor, in connection with the card brand recovery program provided by MasterCard.
The MDL is In Re: The Home Depot Inc., Customer Data Security Breach Litigation, case number 1:14-md-02583, in the U.S. District Court for the Northern District of Georgia.